ASK THE EXPERT - IPS AIM ON THE CISCO ISR

Share

Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to learn about Intrusion Prevention System Advanced Integration Module on Cisco Integrated Services Router, with Cisco experts Tom Fulton and Tina Lam. Tom is a technical marketing engineer for Security in the Access Routing Technology Group.

He brings field experience as a former Cisco systems engineer in the Silicon Valley and a seasoned background in Linux and Application layer security. Tom has 10 years of experience in the information security industry. He has helped design security solutions for Fortune 500 companies. As a product manager for the Cisco Integrated Services Router, Tina is primarily responsible for integrated security for small and medium-sized businesses as well as commercial and enterprise branch offices. She has worked at Cisco since 1998 and has been a hardware engineer for the Cisco 10000 Series Router and a technical marketing engineer for the Cisco 3600, 3700, and 3800 series of routers. She has a Bachelor of Arts degree in physics and mathematics from the University of Chicago and a Master of Science degree in electrical engineering from Stanford University.

Remember to use the rating system to let Tom and Tina know if you have received an adequate response.

Tom and Tina might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through December 21, 2007. Visit this forum often to view responses to your questions and the questions of other community members.

Your problem has to do with running IOS IPS, the software based IPS, on ISR. IPS AIM is a hardware based IPS for ISR. IPS AIM has dedicated memory on the module to store all IPS signatures and does not require additional memory on the router.

I do have one 6509 -FWSM & IDSM-2, please suggest me the best way to use IDSM-2 ,Like Promi mode with SPAN/VACL or Inline with Virtual int. I configured FWSM as multi FW context so what device i can use as a Blocker

I would like to setup a VPN connection from one of my small satellite offices to the main office. How would I go about doing this? Do I need a VPN server and VPN Client? Can I use the Cisco 1800 Series Router as a VPN Server? Is there a cheaper solution to getting a VPN Server